Amendments to the Claims: 



This listing of claims will replace all prior versions and listings of claims in the 
application: 

1. (Currently Amended) A system for controlling an application process comprising: 

an injector operable to bo stored on a first computing device computer readable? medium ; 

redirect code operable tobo placed bv the injector in a memory' of the first computing 
device used bv an application process bv the injector and , the redirect code allows access to 
secured data at a remote computer system bv authorizing access with b ypass security in place at 
IM] the remote computing system; and 

a library of redirect functions operable to be referenced by the redirect code during the 
application process execution, the redirect code operable to intercept a set of target function calls 
made by the application process and execute the redirect functions for the intercepted target 
function calls. 

2. (Currently Amended) The system, as set forth in claim 1, wherein the injector is pushed to [[a]] 
the first computing device executing the application process. 

3. (Original) The system, as set forth in claim 1, wherein the set of target function calls 
comprises socket function calls. 

4. (Original) The system, as set forth in claim I , wherein the library of redirect functions 
comprises a dynamic link library. 

5. (Currently Amended) The system, as set forth in claim 1 5 further comprising: 

a secure environment having a plurality of resources; 

a firewall securing all access to the plurality of resources in the secure environment; and 
an access policy pushed to [[a]] the first computing device executing the application 

process, the access policy identifying the resources authorized for access by the first computing 

device, 

6. (Original) The system, as set forth in claim 5. wherein the application process comprises an 
application operable to communicate with the secure environment resources using an Internet 
transport protocol, the redirect code, and the redirect functions. 
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7. (Original) The system, as set forth in claim 1, wherein the application process comprises an 
email application. 

8. (Original) The system, as set forth in claim l s wherein the application process comprises a 
web browser application. 

9. (Original) The system, as set forth in claim 1, wherein the application process comprises a 
file transfer application. 

10. (Currently Amended) A method for controlling an application process comprising: 

pushing an injector to a first computing d evice executing the application process; 

injecting a redirect code into the application proces s, the redirect code allows access to 
secured data at a remote computer svstem by authorizing access with bypass security in place at 
[Ml the remote computing system; 

executing the redirect code in the application process to reference a redirect library of 
redirect functions; 

resuming the execution of the application process; and 

intercepting at least one target function calls made by the application process and 
executing at least one redirect function in place of the at least one target function calls. 

1 1 . (Original) The method, as set forth in claim 10, wherein injecting a redirect code further 
comprises: 

starting the application process; 

interrupting the execution of the application process; and 

injecting the redirect code into a memory space of the application process. 

12. (Original) The method, as set forth in claim 10. wherein injecting a redirect code further 
comprises: 

starting the application process using a debug option; 
catching an exception thrown by the application process; 
locating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 



13. (Original) The method, as set forth in claim 10, wherein injecting a redirect code further 
comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

14. (Original) The method, as set forth in claim 10, wherein injecting a redirect code further 
comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
use a create remote thread function to execute the redirect code. 

15. (Original) TTie method, as set forth in claim 10, wherein executing the redirect code 
comprises: 

loading the redirect library of redirect functions; 

determining a location of an import table replacement function in the redirect library: and 
executing the import table replacement function. 

16. (Original) TTie method, as set forth in claim 15, wherein loading the redirect library of 
redirect functions comprises loading a dynamic link library. 

17. (Original) The method, as set forth in claim 15, wherein executing the import table 
replacement function comprises: 

searching an import table of the application process for the set of target function calls; 

and 

modifying the target function calls to reference redirect functions in the redirect library. 

18. (Original) The method, as set forth in claim 15, wherein executing the import table 
replacement function comprises: 

searching' dynamic link libraries of the application process for the set of target function 
calls; and 

modifying the target function calls to reference redirect functions in the redirect library. 



19. (Currently Amended) The method, as set forth in claim 10, further comprising: 

receiving user information; 
authenticating the user information; 

pushing an access policy specify ing resources accessible by a user associated with the 
user information to | [a] | first computing device used by the user. 

20. (Original) The method, as set forth in claim 19, wherein intercepting at least one target 
function call comprises intercepting at least one socket function call. 

21. (Original) The method, as set forth in claim 19, further comprising executing redirect 
functions to enable a secured access to a plurality of resources via a firewall. 

22. (Currently Amended) A method comprising: 

receiving user information; 
authenticating the user information: 

pushing an injector to a first computing d evice executing an application process; and 
intercepting at least one target function call made by the application process to at least 
one of a plurality of secure resources at a remote computing svstem and executing at least one 
redirect function in place of the at least one target function call, the at least one redirect function 
operable to allows access to the at least one secure resource at the remote computer svstem bv 
authorizing access with b ypass security in place at [[a]] the remote computing system. 

23. (Original) The method, as set forth in claim 22, further comprising: 

injecting a redirect code into the application process; 

executing the redirect code in the application process to reference a redirect library of 
redirect functions; and 

resuming the execution of the application process. 

24. (Original) The method, as set forth in claim 23, wherein injecting a redirect code further 
comprises: 

starting the application process; 

interrupting the execution of the application process; and 

injecting the redirect code into a memory space of the application process. 



25. (Original) The method, as set forth in claim 23, wherein injecting a redirect code farther 
comprises: 

starting the application process using a debug option; 
catching an exception thrown by the application process; 
locating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

26. (Original) The method, as set forth in claim 23, wherein injecting a redirect code further 
comprises: 

starting the application process using a suspend option; 
creating memory space in the application process; 

injecting the redirect code into the memory space of the application process; and 
set an instruction pointer to the redirect code. 

27. (Original) The method, as set forth in claim 23, wherein injecting a redirect code further 
comprises: 

starting the application process using a suspend option; 
creating memory space in the application process: 

injecting the redirect code into the memory space of the application process; and 
use a create remote thread function to execute the redirect code. 

28. (Original) The method, as set forth in claim 23, wherein executing the redirect code 
comprises: 

loading the redirect library of redirect functions; 

determining a location of an import table replacement function in the redirect library; and 
executing the import table replacement function. 

29. (Original) The method, as set forth in claim 28, wherein loading the redirect library of 
redirect functions comprises loading a dynamic link library. 

30. (Original) The method, as set forth in claim 28, wherein executing the import table 
replacement function comprises: 

searching an import table of the application process for the set of target function calls; 
and 



modifying the target function calls to reference redirect functions in the redirect library. 

31. (Original) The method, as set forth in claim 28. wherein executing the import table 
replacement function comprises: 

searching dynamic link libraries of the application process for the set of target function 
calls; and 

modifying the target function calls to reference redirect functions in the redirect library. 

32. (Original) The method, as set forth in claim 22, wherein intercepting at least one target 
function call comprises intercepting at least one socket function call. 

33. (Original) The method, as set forth in claim 22, further comprising executing redirect 
functions to enable a secured access to a plurality of resources via a firewall. 



